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REMARKS 

Reconsideration and allowance of the above -referenced 
application are respectfully requested . 

Claim amendments are presented herein to obviate the 
current rejection. 

Specification 

Several passages in the specification were objected to in 
the office action. Such passages have been amended as 
suggested. 

Claim Objections 

Claims 4, 6, 15 , 17, 26, and 27 have been objected to as 
allegedly containing ambiguous phrases. These claims have been 
amended as suggested. 

35 USC § 112 

Claims 8, 19, 26, and 30 have been objected to as allegedly 
failing to comply with 35 USC § 112, second paragraph. These 
claims have been amended as suggested. 

35 USC § 103 

Claims 1-8, 10-19, 21-30 have been rejected under 103(a) as 
allegedly being unpatentable over Rodwin in view of Fan and in 
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view of Srisuresh. Additionally, claims 9 and 20 have been 
rejected under 103(a) as allegedly being unpatentable over Fan 
in view of Barkley, These rejections are respectfully 
traversed. 

Claim 1 recites sending the determined access control list 
entry from a firet computer on the network to a second computer 
on the network, and translating a public network address to the 
private network address for the user accessing the network 
resource after the access control list entry is sent. Claims 12 
and 23 recite similar features. 

Rodwin describes an arrangement in which a remote user may 
access a remote access device via a remote computer after 
entering a username and a password (see, inter alia, Rodwin col. 
5, lines 10-19) . This username is passed on by the remote 
access device over a network to a dynamic IP address assignment 
/ management server (see, inter alia, Rodwin col* 5, lines 20- 
23) . This server then dynamically assigns an IP address to the 
remote access device which in turn is sent to the remote 
computer (see, inter alia, Rodwin col. 5, lines 23-52). 
Thereafter, the remote computer can access the network via the 
assigned IP address (see, inter alia, Rodwin col. 5, lines 48- 
53) . Rodwin is silent as to the component that conducts the 
authentication and does not mention or suggest the use of a an 
access control list. 
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Fan describes an arrangement in which a firewall determines 
whether a current packet meets certain authorization criteria 
which may take the form of ACL items (see, inter alia, Fan col. 
9, lines 16-23) If such criteria is met, the packet is either 
passed on to the destination (see, inter alia, Fan col. 9, lines 
32-40) . With Fan, the firewall acts as the sole network device 
that provides or blocks packet traffic, 

Srisuresh describes an arrangement in which each computer 
on a stub network is assigned a source IP address that only has 
a local significance (see, inter alia, Srisuresh col, 5, lines 
51-52) * When a computer transmits data external to the stub 
network, a stub router maps the respective source IP address to 
one of the network's available unique IP addresses before 
forwarding packets to a service provider router (see, inter 
alia, Srisuresh col. 5, lines 51-52). If a reply should come 
back, an office router translates a destination IP address 
(which corresponds to the assigned unique IP address) back to 
the originating computer (see, inter alia, Srisuresh col. 6, 
lines 1-7) . Srisuresh describes routing data from a network 
that contains more nodes than unique IP addresses. It does not 
discuss providing or blocking access to a user. 

The skilled artisan would not have been motivated to 
combine Rodwin, Fan, and Srisuresh to result in the subject 
matter of claims 1, 12, and 23. Srisuresh describes a network 
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address translation scheme for a private network. Srisuresh 
does not contemplate limiting access to remote users, but 
rather, simply describes a packet routing technique , As the 
nature of the problem to be solved by Srisuresh differs greatly 
from that of Rodwin and Fan, the skilled artisan would not have 
been motivated to combine these references. Moreover, there are 
no teachings within Rodwin or Fan (or in the general knowledge 
of a skilled artisan) that would suggest combining these 
references with Srisuresh, as Rodwin already describes an 
arrangement in which IP addresses may be assigned to a remote 
network device . 

Even if Rodwin, Pan, and Srisuresh were combined, such 
references fail to teach the features defined by claims 1, 12, 
and 23. In particular, none of the references contemplate an 
arrangement in which a determined access control list entry is 
sent from a first computer to a second computer between the user 
and the network resource before allowing or blocking the user 
access . 

Fan states that a router may also include a firewall (see, 
inter alia, Fan col. 4, lines 45-47) . It does not contemplate 
having a separate router and firewall. However, even if such 
network components were separated, Fan would still not teach 
sending a determined access control list entry from a first 
computer to a second computer on the network between the user 
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and the network as the router of Fan acta to direct incoming and 
outgoing traffic. There is no suggestion that such a router 
could act: to block or permit access to a network resource, As a 
result, there would be no reason for an access control list 
entry to be sent by the router to the firewall of Fan (or vice 
versa) . 

Accordingly, claims 1, 12, 23, and their respective 
dependent claims should be allowable. 

Concluding Comments 

It is believed that all of the pending claims have been 
addressed in this paper. However, failure to address a specific 
rejection, issue or comment/ does not signify agreement with or 
concession of that rejection, issue or comment. in addition, 
because the arguments made above are not intended to be 
exhaustive, there may be reasons for patentability of any or all 
pending claims (or other claims) that have not been expressed. 
Finally, nothing in this paper should be construed as an intent 
to concede any issue with regard to any claim, except as 
specifically stated in this paper, and the amendment of any 
claim does not necessarily signify concession of unpatentability 
of the claim prior to its amendment. 
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Applicant asks that all claims be allowed. Please apply- 
any charges or credits to Deposit Account No. 06-1050. 



Date : 




Reg. No. 32,030 

Attorney for Intel Corporation 

Fish & Richardson P.C 

PTO Customer Number: 20985 

123 90 El Camino Real 

San Diego, CA 9213 0 

Telephone: (858) 678-5070 

Facsimile: (858) 678-5099 

10492927. dOC 
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